Recent Advances in Intrusion Detection
Jha, Somesh.
Recent Advances in Intrusion Detection 13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15-17, 2010. Proceedings / [recurso electrónico] : edited by Somesh Jha, Robin Sommer, Christian Kreibich. - 524p. 160 illus. online resource. - Lecture Notes in Computer Science, 6307 0302-9743 ; . - Lecture Notes in Computer Science, 6307 .
Network Protection -- What Is the Impact of P2P Traffic on Anomaly Detection? -- A Centralized Monitoring Infrastructure for Improving DNS Security -- Behavior-Based Worm Detectors Compared -- High Performance -- Improving NFA-Based Signature Matching Using Ordered Binary Decision Diagrams -- GrAVity: A Massively Parallel Antivirus Engine -- Malware Detection and Defence -- Automatic Discovery of Parasitic Malware -- BotSwindler: Tamper Resistant Injection of Believable Decoys in VM-Based Hosts for Crimeware Detection -- CANVuS: Context-Aware Network Vulnerability Scanning -- HyperCheck: A Hardware-Assisted Integrity Monitor -- Kernel Malware Analysis with Un-tampered and Temporal Views of Dynamic Kernel Memory -- Bait Your Hook: A Novel Detection Technique for Keyloggers -- Evaluation -- Generating Client Workloads and High-Fidelity Network Traffic for Controllable, Repeatable Experiments in Computer Security -- On Challenges in Evaluating Malware Clustering -- Why Did My Detector Do That?! -- Forensics -- NetStore: An Efficient Storage Infrastructure for Network Forensics and Monitoring -- Live and Trustworthy Forensic Analysis of Commodity Production Systems -- Hybrid Analysis and Control of Malware -- Anomaly Detection -- Anomaly Detection and Mitigation for Disaster Area Networks -- Community Epidemic Detection Using Time-Correlated Anomalies -- A Data-Centric Approach to Insider Attack Detection in Database Systems -- Privilege States Based Access Control for Fine-Grained Intrusion Response -- Web Security -- Abusing Social Networks for Automated User Profiling -- An Analysis of Rogue AV Campaigns -- Fast-Flux Bot Detection in Real Time -- Posters -- A Client-Based and Server-Enhanced Defense Mechanism for Cross-Site Request Forgery -- A Distributed Honeynet at KFUPM: A Case Study -- Aspect-Based Attack Detection in Large-Scale Networks -- Detecting Network Anomalies in Backbone Networks -- Detecting the Onset of Infection for Secure Hosts -- Eliminating Human Specification in Static Analysis -- Evaluation of the Common Dataset Used in Anti-Malware Engineering Workshop 2009 -- Inferring Protocol State Machine from Real-World Trace -- MEDUSA: Mining Events to Detect Undesirable uSer Actions in SCADA -- On Estimating Cyber Adversaries’ Capabilities: A Bayesian Model Approach -- Security System for Encrypted Environments (S2E2) -- Towards Automatic Deduction and Event Reconstruction Using Forensic Lucid and Probabilities to Encode the IDS Evidence -- Toward Specification-Based Intrusion Detection for Web Applications -- Toward Whole-System Dynamic Analysis for ARM-Based Mobile Devices -- Using IRP for Malware Detection.
On behalf of the Program Committee, it is our pleasure to present the p- ceedings of the 13th International Symposium on Recent Advances in Intrusion Detection Systems (RAID 2010), which took place in Ottawa, Ontario, Canada, during September 15-17, 2010. As in the past, the symposium brought together leading researchers and practitioners from academia, government, and industry to discuss intrusion detection research and practice. There were eight technical sessionspresentingfullresearchpapersonnetworkprotection,highperformance, malwaredetectionanddefense(2 sessions),evaluation,forensics,anomalydet- tion and access protection, and Web security. Furthermore, there was a poster session presenting emerging research areas and case studies. The RAID 2010 Program Committee received 102 full-paper submissions from all over the world. All submissions were carefully reviewed by independent reviewers on the basis of technical quality, topic, space, and overallbalance. The ?naldecisiontookplaceataProgramCommitteemeetingheldduringMay19-20 inOakland,California,where24paperswereeventuallyselectedforpresentation at the conference and publication in the proceedings. As a continued feature, the symposium later also accepted 15 poster presentations reporting early-stage research,demonstrationof applications,orcasestudies. The authorsof accepted posters were also o?ered the opportunity to have an extended abstract of their work included in the proceedings.
9783642155123
Computer science.
Computer Communication Networks.
Data structures (Computer science).
Data encryption (Computer science).
Computer software.
Artificial intelligence.
Computer Science.
Computer Communication Networks.
Data Encryption.
Computers and Society.
Algorithm Analysis and Problem Complexity.
Data Structures, Cryptology and Information Theory.
Artificial Intelligence (incl. Robotics).
TK5105.5-5105.9
004.6
Recent Advances in Intrusion Detection 13th International Symposium, RAID 2010, Ottawa, Ontario, Canada, September 15-17, 2010. Proceedings / [recurso electrónico] : edited by Somesh Jha, Robin Sommer, Christian Kreibich. - 524p. 160 illus. online resource. - Lecture Notes in Computer Science, 6307 0302-9743 ; . - Lecture Notes in Computer Science, 6307 .
Network Protection -- What Is the Impact of P2P Traffic on Anomaly Detection? -- A Centralized Monitoring Infrastructure for Improving DNS Security -- Behavior-Based Worm Detectors Compared -- High Performance -- Improving NFA-Based Signature Matching Using Ordered Binary Decision Diagrams -- GrAVity: A Massively Parallel Antivirus Engine -- Malware Detection and Defence -- Automatic Discovery of Parasitic Malware -- BotSwindler: Tamper Resistant Injection of Believable Decoys in VM-Based Hosts for Crimeware Detection -- CANVuS: Context-Aware Network Vulnerability Scanning -- HyperCheck: A Hardware-Assisted Integrity Monitor -- Kernel Malware Analysis with Un-tampered and Temporal Views of Dynamic Kernel Memory -- Bait Your Hook: A Novel Detection Technique for Keyloggers -- Evaluation -- Generating Client Workloads and High-Fidelity Network Traffic for Controllable, Repeatable Experiments in Computer Security -- On Challenges in Evaluating Malware Clustering -- Why Did My Detector Do That?! -- Forensics -- NetStore: An Efficient Storage Infrastructure for Network Forensics and Monitoring -- Live and Trustworthy Forensic Analysis of Commodity Production Systems -- Hybrid Analysis and Control of Malware -- Anomaly Detection -- Anomaly Detection and Mitigation for Disaster Area Networks -- Community Epidemic Detection Using Time-Correlated Anomalies -- A Data-Centric Approach to Insider Attack Detection in Database Systems -- Privilege States Based Access Control for Fine-Grained Intrusion Response -- Web Security -- Abusing Social Networks for Automated User Profiling -- An Analysis of Rogue AV Campaigns -- Fast-Flux Bot Detection in Real Time -- Posters -- A Client-Based and Server-Enhanced Defense Mechanism for Cross-Site Request Forgery -- A Distributed Honeynet at KFUPM: A Case Study -- Aspect-Based Attack Detection in Large-Scale Networks -- Detecting Network Anomalies in Backbone Networks -- Detecting the Onset of Infection for Secure Hosts -- Eliminating Human Specification in Static Analysis -- Evaluation of the Common Dataset Used in Anti-Malware Engineering Workshop 2009 -- Inferring Protocol State Machine from Real-World Trace -- MEDUSA: Mining Events to Detect Undesirable uSer Actions in SCADA -- On Estimating Cyber Adversaries’ Capabilities: A Bayesian Model Approach -- Security System for Encrypted Environments (S2E2) -- Towards Automatic Deduction and Event Reconstruction Using Forensic Lucid and Probabilities to Encode the IDS Evidence -- Toward Specification-Based Intrusion Detection for Web Applications -- Toward Whole-System Dynamic Analysis for ARM-Based Mobile Devices -- Using IRP for Malware Detection.
On behalf of the Program Committee, it is our pleasure to present the p- ceedings of the 13th International Symposium on Recent Advances in Intrusion Detection Systems (RAID 2010), which took place in Ottawa, Ontario, Canada, during September 15-17, 2010. As in the past, the symposium brought together leading researchers and practitioners from academia, government, and industry to discuss intrusion detection research and practice. There were eight technical sessionspresentingfullresearchpapersonnetworkprotection,highperformance, malwaredetectionanddefense(2 sessions),evaluation,forensics,anomalydet- tion and access protection, and Web security. Furthermore, there was a poster session presenting emerging research areas and case studies. The RAID 2010 Program Committee received 102 full-paper submissions from all over the world. All submissions were carefully reviewed by independent reviewers on the basis of technical quality, topic, space, and overallbalance. The ?naldecisiontookplaceataProgramCommitteemeetingheldduringMay19-20 inOakland,California,where24paperswereeventuallyselectedforpresentation at the conference and publication in the proceedings. As a continued feature, the symposium later also accepted 15 poster presentations reporting early-stage research,demonstrationof applications,orcasestudies. The authorsof accepted posters were also o?ered the opportunity to have an extended abstract of their work included in the proceedings.
9783642155123
Computer science.
Computer Communication Networks.
Data structures (Computer science).
Data encryption (Computer science).
Computer software.
Artificial intelligence.
Computer Science.
Computer Communication Networks.
Data Encryption.
Computers and Society.
Algorithm Analysis and Problem Complexity.
Data Structures, Cryptology and Information Theory.
Artificial Intelligence (incl. Robotics).
TK5105.5-5105.9
004.6
